ppp(8) and inbound IP connections
Matthias Apitz
guru at unixarea.de
Tue May 7 18:13:53 UTC 2013
Hello,
I'm using ppp(8) for many years to connect via UMTS to my service provider
and Internet, actually www.fonic.de; all this works fine already for long
time, works fine for outgoing TCP and UDP connections to Internet.
Until now, I did not care about incoming TCP connections, for example for
SSH'ing from remote to my netbook, connected via ppp(8), or for incoming
SIP; it turns out now,, that I can:
- check with "lynx -dump myip.nl | fgrep WAN" with which addr I show
up in Internet:
$ lynx -dump myip.nl | fgrep WAN
WAN IP adres: 82.113.99.104
- can SSH fine to some remote server,
- but can not SSH back to the addr 82.113.99.104;
I contacted the provider thinking that he is blocking all IP connects which
have not been originated by a SYN pkg from my side; but he claims not
blocking anything; and now? how can I debug this?
My interface looks like this:
tun6: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> metric 0 mtu 1500
options=80000<LINKSTATE>
inet 10.33.28.104 --> 10.64.64.64 netmask 0xffffffff
nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
Opened by PID 799
and the routing is:
Routing tables
Internet:
Destination Gateway Flags Refs Use Netif Expire
default 10.64.64.64 UGS 0 1694 tun6
10.33.28.104 link#7 UHS 0 0 lo0
10.64.64.64 link#7 UHS 0 1 tun6
127.0.0.1 link#6 UH 0 75 lo0
Any ideas about this? Thanks.
I'm attaching the ppp.conf file.
matthias
--
Sent from my FreeBSD netbook
Matthias Apitz | - No system with backdoors like Apple/Android
E-mail: guru at unixarea.de | - Never being an iSlave
WWW: http://www.unixarea.de/ | - No proprietary attachments, no HTML/RTF in E-mail
phone: +49-170-4527211 | - Respect for open standards
-------------- next part --------------
#
# $Id: ppp.conf,v 1.1 2011/11/20 06:07:03 guru Exp $
#
# based on hint:
# http://groups.google.com/group/lucky.freebsd.usb/msg/2b88fb344c6932fe
#
# Fonic values now tested
# PIN: xxxx
# APN (AT+CGDCONT value): pinternet.interkom.de
#
#
default:
set log Phase Chat LCP IPCP CCP tun command
umts:
set device /dev/cuaU0.0 # device name in CURRENT
set speed 921600
#
set dial "ABORT BUSY ABORT NO\\sCARRIER TIMEOUT 5 \
\"\" AT OK-AT-OK ATZ OK \
AT+CFUN=1 OK \
AT+COPS=0 OK \
AT+CGDCONT=1,\\\"IP\\\",\\\"pinternet.interkom.de\\\" OK \
\\dATDT\\T TIMEOUT 40 CONNECT"
set logout "ABORT BUSY ABORT ERROR TIMEOUT 30 \"\" +++ATH O ATH OK"
# NAT (not used by me)
# nat enable yes
# alias enable yes
# nat port tcp 192.168.0.0:ftp ftp
# nat port tcp 192.168.0.0:http http
nat enable yes
nat port udp 127.0.0.1:1024-1030 1024-1030
nat port tcp 127.0.0.1:22 22
set phone *99*1\#
set authname "fonic"
set authkey "fonic"
set timeout 300
#
set ifaddr 10.64.64.64/0 10.64.64.64/0 255.255.255.255 0.0.0.0
#
add default HISADDR # Add a (sticky) default route
enable dns
disable ipv6cp
More information about the freebsd-net
mailing list